In general, a standard system upgrade is sufficient to effect thenecessary changes.

Details follow:

Derek Noonburg discovered several integer overflows in the XPDF code,which is present in xpdf, the Poppler library, and tetex-bin. Bytricking an user into opening a specially crafted PDF file, anattacker could exploit this to execute arbitrary code with theprivileges of the application that processes the document.

The CUPS printing system also uses XPDF code to convert PDF files toPostScript. By attempting to print such a crafted PDF file, a remoteattacker could execute arbitrary code with the privileges of theprinter server (user 'cupsys').